<?php
include("../inc/shared.php");

unset($message);

session_start();

if(@$_GET['logout'] == "Y"){
	session_unregister("UserID");
	session_unregister("P_Diddy");
	session_unset();
	
	//session_start();
}


session_register("UserID");
session_register("P_Diddy");

if(@$_POST['submit']){
	if(@$_POST['Login'] == "" AND @$_POST['Password'] == ""){
		$message = "Please enter your login name and password.";
	} else if(@$_POST['Login'] == ""){
		$message = "Please enter your login name.";
	} else if(@$_POST['Password'] == ""){
		$message = "Please enter your password.";
	} else {
		// ok to check the login.
		
		// hash the password
		$_POST['Password'] = md5($_POST['Password']);
		
		$sql = "SELECT ID, Password FROM adminlogin WHERE Login='". $_POST['Login'] ."' AND Password='". $_POST['Password'] ."' AND Active='Y'";
		dbConnect($dbname);
		$query = mysql_query($sql);
		if(!$query){
			echo("<p>Error: ". mysql_error() . "</p>");
		} else {
			$count = mysql_num_rows($query);
			if($count != 0){
				$data = mysql_fetch_array($query);
				$UserID = $data["ID"];
				$P_Diddy = $data["Password"];
								
				// send to management page
				Header("Location: admin_index.php");
				exit();
				
			} else {
				$message = "Sorry, please try again.";
				
				unset($Password);
			}
		}

	}
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<title>China Renaissance - Website Admin - Login</title>

<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<link rel="stylesheet" type="text/css" media="all" href="../css/css.css" />
<link rel="stylesheet" type="text/css" media="print" href="../css/print.css" />
<style type="text/css">/* <![CDATA[ */

/* put in the code to make the nav button active here */

/* sub nav active */
ul#subnav li#Main a {
	color: #B32100;
}

/* ]]> */</style>

</head>

<body id="admin">

<div id="wrap">

	<div id="header">
	
<?php include("inc/header.php"); ?>	
			
	</div>

	
	<div id="content">
	
		<div id="main-content">
		
			<h1>Login</h1>

			
<?php
if(isset($message)){
	echo("<p class=\"alert\">$message</p>\n");
}
 
?>

<div class="rule">&nbsp;</div>

<form action="<?php echo($_SERVER['PHP_SELF']); ?>" method="post" id="login">

<label for="Login">Log in name</label>
<input type="text" name="Login" id="Login" value="<?php echo(@$Login); ?>" class="plain-input" /><br />

<label for="Password">Password</label>
<input type="password" name="Password" id="Password" value="<?php echo(@$Password); ?>" class="plain-input" /><br />

<input type="submit" name="submit" id="submit" value="Log in" class="button" /><br />
</form>


		</div>
		
		<div id="other-content">
		
<?php 
// no nav for login
?>
						
		</div>
		
		<div class="clear">&nbsp;</div>
		
	</div>

	<div id="copyright">

<?php include("../inc/copyright.php"); ?>
	
	</div>

</div>

</body>
</html>
